1 / 18

e Security

e Security. Gerald.Santucci@cec.eu.int. ISSS/LORIS 2003 Conference Hradec Králové, 23-25 March 2003 e Security in the IST Priority of the 6th Framework Programme.

mspicer
Download Presentation

e Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. eSecurity Gerald.Santucci@cec.eu.int ISSS/LORIS 2003 Conference Hradec Králové, 23-25 March 2003 eSecurity in the IST Priority of the 6th Framework Programme

  2. “All along the chain of Internet services, there is an essential need for security features”Erkki Liikanen, EC Commissioner, ISSE’1999“We are in the middle of a change in how security is done”Ross Anderson, Cambridge Univ.“Are we capable of remembering and solving all our economic, political and other questions in harmony with the claims of human being and national existence?”Karel Kosik (1926-2003), philosopher, “Our Current Crisis”

  3. Why Dependability and Security in FP6/IST ?

  4. Trust and Security in FP5

  5. A first assessment of work in FP5

  6. Regulatory Framework Policy • eEurope 2005 • Cybersecurity Task Force • ‘Culture of security’ • JAI initiative on secure VISA • use of biometrics • smart travel documents • International Fora • OECD • GBDe, • CoE, • G8 • ... • Electronic Signature Directive • Data protection in electronic communications • Council Resolution on Information & network security • Council Resolution on EU approach to a culture of security • Prop. Regulation of EP and Council establishing NISA • Framework Decision on attacks against information systems • Framework Decision on combating terrorism R&DActivities • Trust & Security:67 R&D projects(~85 M€) • Dependability: • 16 R&D projects(~28 M€) • Joint EU-US task force onR&D for CIP • R&D in information security key in FP6 Overview of EU activities

  7. EU policies security eEurope science & technology Changing the paradigm for security Security in AmI Space (in the open) Security in ICT (obscure)

  8. From the ICT to the AmI Space paradigm (1) • Empowerment of people through a digital environment which is sensitive, adaptive and responsive to their needs, habits, gestures… • Ubiquity • Network/object/service awareness • Intelligence • Natural interaction

  9. From the ICT to the AmI Space paradigm (2) • Unprecedented requirements for Cyber Security: • sharing computing resources • ensuring the dependability of the IC infrastructure • managing digital assets • engendering trust within the user community • carefully assessing social and economic implications (seamless integration and interdependence between technological and human systems) • Need to find a balance between the use of advanced ICT, social processes, personal accountability, and ethics

  10. From the ICT to the AmI Space paradigm (3) • What will do the IST Priority of FP6? • Stimulate and support the development of knowledge and technologies • Handle the ‘open questions’ by fostering multidisciplinary and ambitious research on dependability and security • cryptography, biometrics, trusted smart devices, etc. • novel scenarios of mobile networks, environments and codes • digital identity management • survivability and interdependencies of infrastructures

  11. Individuals and open large communities FP3 FP4 FP5 Protection of digital assets Information infrastructure dependability & CIP Mobility and reconfigurability Keywords: ambient networks, nomadic people, mobile things in the environment, intermediation services, ubiquity, distributed interactive infrastructure... eEurope 2002 + 2005, National Events Deployment through eTEN Support to EU Policies (ENTR, MARKT, JAI, RELEX…) Technology assessment & transfer Building on the past to shape the future NEXT10 years (2003-2014) ...to Security in Ambient Intelligent Space PAST10 years (1992-2002) From Security of Information Systems... RACE / ACTS ESPRIT/IT TAP [+ INFOSEC / ETS ISIS] @ Budget35M € Budget88M € Projects~50 Projects67 ResultsStrategic security frameworks User & service requirements PKI trials Specifications, standardisation, certification ResultsICT Security community high-risk technologies, applications & processes

  12. Content Infrastructure Clusters for Dependability and Security in FP6 • Securing the Individual • identity management • privacy and PETs • mobility • Securing Communities - B2E, B2B, B2C, as well as agents, devices... • legacy digital • mediation of security policies • timed security and mobility • Securing Critical Infrastructures • dependability • interdependencies

  13. 1/ Securing the Individual • Short term: Multi-platform access to eServices • Digital assets and identities become “raw” material for a digital economy • Management of multiple identities for different contexts and for interdependent processes (eBusiness, eHealth, eGovernment) • Industry initiatives (Web Services, Liberty Alliance, W3C/P3P, SSO, MS-Passport, PKI, etc.) • Complexity of the “intermediate” infrastructure and services • Medium-long term: Ambient Intelligence, seamless interactions with services • “Electronic environments that are sensitive and responsive to the presence of people” • New models of privacy management

  14. 2/ Securing the Communities • Society increasingly dependent on communication networks and information systems • Open, interconnected, interoperable, ‘plug-and-play’, ‘wireless in everything’ • ‘Traceability’ of the bits: ‘Data’ now is living and active objects • Enterprises in multiple dynamic networks; mobile worker needing access to corporate data (B2E) • Communities should be able to choose their own security policies • Mobility challenges: seamless service provision (multichannel, multi-device, multi-context-at home, on the move) • Security to consider type of communication (wired, wireless…) and semantics of the applications (health, voting, banking, auction, B2B…)

  15. 3/ Critical Infrastructures (1) Long term goals • Build robust foundations for IS through novel multidisciplinary and innovative system-model approaches, architectures and technologies to realise dependable, survivable and evolvable systems, platforms and information infrastructures. • Understand, model and control interdependencies between large-scale systems and infrastructures resulting from the pervasiveness and interconnectedness of IS technologies.

  16. 3/ Critical Infrastructures (2) Focus • Technologies, architectures & systems: robust open source software; advanced ubiquitous and wireless technologies; new architectures and computing paradigms (covering autonomy, self-adaptability, self-healing, real-time, etc.); distributed attack detection systems; modelling and synthetic environment for real-time dependability and continuity analysis; extensively deployed networked embedded system; etc. • Metrics & assurance: including plasticity and human aspects of systems; tools for real-time patterns and analysis of open network traffic data; complexity issues; verification; testing; certification; etc.

  17. 3/ Critical Infrastructures (3) Focus • Interdependencies: micro & macro dimensions; large-scale modelling and simulation capabilities; network awareness technologies; emergent systems properties; time dimension; social and cultural dimension; risk perception, communication and awareness; risk management in open environments... • International co-operation: focussing on technical domain of common interest and mutual benefit (e.g. modelling interdependent utilities; dependability certification, reliability and security of computational GRIDs, trustworthy and dynamic information sharing, etc.)

  18. Děkuji !

More Related